Life death and taxes—or so the saying goes. But for many taxpayers, there’s another constant: Tax Scams. Whenever there is money to be made, some unscrupulous individual is going to attempt to grab a piece of the pie, and are willing to target both individuals and businesses to get it.

The Dirty Dozen: What Should You Watch For?

However, much like our discussion of internal fraud, external tax scams often fall into a limited group, and fraudsters are known to use common tactics. Not only does this happen because they work, they happen because these are the likely areas where controls are lax. Luckily, the IRS is trying to stay ahead of these scammers, and each year announces the most common frauds to look out for. In their report, titled the “Dirty Dozen,” regulators list the worst scams and offer tips to protect yourself.

Announced July 16, the Dirty Dozen is a list of tax scams targeting Americans. From Phishing to fraud, 2020’s list has presented a new tactic, schemes related to coronavirus tax relief, including Economic Impact Payments. Though many of these are focused on individuals, businesses can fall victim as well.

Phishing: Fake Emails and Websites Designed to Separate You from Money

A common experience for both individuals and businesses, phishing schemes remain atop the list of scams in 2020. These schemes are blasted to large numbers of people in an effort to get personal identifying information or financial account information, including account numbers and passwords. Most of these new schemes are actively playing on the fear and unknown of the virus and the stimulus payments.

Whether it’s in the form of text, email, or phone calls, IRS has seen a rapid increase in cases involving COVID-19.

Fake Charities: Unreal and Worse Yet, Non-Deductible

Another big one for 2020, fake charities have popped up left and right to separate you from your money. Criminals frequently exploit natural disasters and other situations such as the current COVID-19 pandemic by setting up fake charities to steal from well-intentioned people trying to help in times of need.

Fraudulent schemes normally start with unsolicited contact by telephone, text, social media, e-mail or in-person using a variety of tactics. Bogus websites use names similar to legitimate charities to trick people to send money or provide personal financial information. They may even claim to be working for or on behalf of the IRS to help victims file casualty loss claims and get tax refunds.

IRS Impersonators: Threatening Calls, Fake Warrants, and Google Play Gift Cards

You’ve probably gotten a few voicemails from “IRS agents” threatening you with immediate arrest. Attempting to instill fear and urgency into a victim, scam phone calls, including those threatening arrest, deportation or license revocation if the victim doesn’t pay a bogus tax bill, are reported year-round. These calls often take the form of a “robocall” (a text-to-speech recorded message with instructions for returning the call).

Social Media Scams: A Personal Touch in Phishing

Social media enables anyone to share information with anyone else on the Internet. Scammers use that information as ammunition for a wide variety of scams. These include emails where scammers impersonate someone’s family, friends or co-workers.

The payloads may be malware, may steal your identity, or may lead you to a fake charity, all of which are designed to separate the victim from money.

Refund Theft

You probably saw news articles regarding CARES Act funds ending up in the hands of Nigerian scammers, and likely know someone who has had a tax return filed in their name. Another common scam, refund theft and economic impact payment theft have been a constant thorn in the side of regulators, businesses, and taxpayers.

Taxpayers can consult the Coronavirus Tax Relief page of IRS.gov for assistance in getting their EIPs. Anyone who believes they may be a victim of identity theft should consult the Taxpayer Guide to Identity Theft on IRS.gov.

Senior Fraud

Often considered easy targets by scammers, senior fraud is rampant in the scammer community. Seniors are more likely to be targeted and victimized by scammers than other segments of society. Financial abuse of seniors is a problem among personal and professional relationships. Anecdotal evidence across professional services indicates that elder fraud goes down substantially when the service provider knows a trusted friend or family member is taking an interest in the senior’s affairs.

Scams Targeting Non-English Speakers

Another group at risk of scams is that of the non-English speaking community. Phone scams pose a major threat to people with limited access to information, including individuals not entirely comfortable with the English language.

Much like the phone scams, these calls frequently take the form of a “robocall” and often results in an IRS Impersonator threatening jail time, deportation or revocation of a driver’s license from someone claiming to be with the IRS. Taxpayers who are recent immigrants often are the most vulnerable and should ignore these threats and not engage the scammers.

False Return Preparers: Accountants without Accountability

Though nearly all tax professionals provide honest, high-quality service, but dishonest preparers pop up every filing season committing fraud, harming innocent taxpayers or talking taxpayers into doing illegal things they regret later.

Taxpayers should avoid so-called “ghost” preparers who expose their clients to potentially serious filing mistakes as well as possible tax fraud and risk of losing their refunds. With many tax professionals impacted by COVID-19 and their offices potentially closed, taxpayers should take particular care in selecting a credible tax preparer.

Offer in Compromise Mills: Pennies on the Dollar—with No Resolution

One targeting both individuals and businesses in tax debt, the offer in compromise mill is a misleading organization who will take the pennies while you still owe all the dollars. OIC is a process that is available for taxpayers who meet very specific criteria under law to qualify for reducing their tax bill, but unscrupulous companies oversell the program to unqualified candidates so they can collect a hefty fee from taxpayers already struggling with debt.

Fake Payments

Imagine seeing your tax return before you even file—then receiving a call demanding money. An egregious tactic, this takes place when a con artist steals or obtains a taxpayer’s personal data including Social Security number or Individual Taxpayer Identification Number (ITIN) and bank account information

From here, they file a bogus tax return and impersonate an IRS employee. The taxpayer is told that there’s been an error and that the IRS needs the money returned immediately or penalties and interest will result. The taxpayer is told to buy specific gift cards for the amount of the refund.

Payroll and HR Scams

A big one targeting businesses, business email compromise and business email spoofing scams take place with a goal of collecting W-2 information or direct deposit information.

  • In the gift card scam, a compromised email account is often used to send a request to purchase gift cards in various denominations.
  • In the direct deposit scheme, the fraudster may have access to the victim’s email account (also known as an email account compromise or “EAC”). They may also impersonate the potential victim to have the organization change the employee’s direct deposit information to reroute their deposit to an account the fraudster controls.

BEC/BES scams have used a variety of ploys to include requests for wire transfers, payment of fake invoices as well as others. In recent years, the IRS has observed variations of these scams where fake IRS documents are used in to lend legitimacy to the bogus request. For example, a fraudster may attempt a fake invoice scheme and use what appears to be a legitimate IRS document to help convince the victim.

Ransomware

Hitting everyone from businesses and individuals to local governments, ransomware is common and often costly. Ransomware is malware targeting human and technical weaknesses to infect a potential victim’s computer, network or server.  Once infected, ransomware looks for and locks critical or sensitive data with its own encryption. In some cases, entire computer networks can be adversely impacted.

Cybercriminals might use a phishing email to trick a potential victim into opening a link or attachment containing the ransomware. These may include email solicitations to support a fake COVID-19 charity. Cybercriminals also look for system vulnerabilities where human error is not needed to deliver their malware.

Don’t Fall for the Scams

Whether targeting your business or your personal life, scams can cause a lot of grief during and long after the scam takes place. These are just some of the most common tactics used by scammers to separate you or your business from money, and too often, they work.

Additional Tax Resources

Today’s Losses Mean Tomorrow’s Tax Breaks

Should Controllers Anticipate More Tax Reform in 2020?

Could COVID Leave You with a SALT Problem?

Become a Member Today!

Controllers Council is a national community and platform of controllers, accounting and finance professionals focused on accounting best practices, information, and resources, recognition and networking.